1. Field of the Invention
The present invention relates to an access control method for accessing a particular terminal via the Internet or the like so as to control the terminal, a communication system to which the control is applied, and a server and a communication terminal, which are used for the communication system. More particularly, the present invention relates to processing performed when access requiring security management is performed.
2. Description of the Related Art
Hitherto, various kinds of operations have been proposed in which a household terminal disposed in each household and a server capable of remotely controlling the terminal are connected to each other via the Internet, so that the state within the household is externally monitored or devices within the household are remotely controlled.
In this case, communication between the household terminal and the server is preferably performed under security management, so that only a pre-registered server can connect to and remotely control the household terminal.
One known conventional technique for performing communication in which security is ensured sets up a communication path called a “VPN (Virtual Private Network)”. A VPN is a secure communication path that is constructed over the Internet by using tunneling technology and encryption technology. By applying this VPN technology, it is possible to ensure security comparable to the case in which a dedicated communication line is provided. However, when a VPN is applied, a dedicated router of a special configuration, which is compatible with VPN, is needed in the household, and this is not a common practice. As a communication method that does not need dedicated security-ensuring means such as a VPN, a process described in, for example, Japanese Unexamined Patent Application Publication No. 2003-60800 has been proposed.
The processing described in Japanese Unexamined Patent Application Publication No. 2003-60800 employs a communication method applied to a home security system. More specifically, the following is described. When a home network center receives a service request regarding the state of a device in the household from an external user terminal such as a cellular phone terminal, the home network center accesses the household communication terminal by dial-up connection, the device within the household is operated via the accessed communication terminal, and access from the household communication terminal to the server is also performed by dial-up connection using a telephone line.
In a dial-up connection such as that described in Japanese Unexamined Patent Application Publication No. 2003-60800, the server on the home network center side and the communication terminal are connected in a one-to-one relationship, so security higher than that of communication means such as the Internet is ensured. However, in dial-up connection using a telephone line, a communication fee (telephone fee) is incurred each time communication is performed, and a problem arises in that an enormous cost is incurred to manage the system.
In one of the techniques for solving this problem, processing is performed by a so-called polling method. This method applies communication of an HTTPS (Hypertext Transfer Protocol Secure) system, which is a security-managed communication method that is possible only when, for example, access is performed from the communication terminal to the server (that is, it is not possible when access is performed from the server to the household communication terminal). The communication terminal disposed within the household periodically connects to the server after security is ensured, and communication is performed between the household terminal and the server.
FIG. 10 shows an overview of this polling method. A terminal 99 within the household periodically connects to a home server system 98 via the Internet using HTTPS communication, in which security is ensured. When the connection is made, if there is data to be transmitted from the household terminal 99 to the server 98, the data is transmitted, and when there is data to be transmitted in both the home server system 98 and the terminal 99, the terminal 99 receives the data. Applying the system shown in FIG. 10 makes it comparatively easy to ensure security. However, with this polling method, the server can communicate with the household terminal only at certain predetermined times, so application to services requiring real-time characteristics is difficult. Furthermore, when the server has data to be transmitted to the household terminal, it must hold the data until the terminal accesses it at the next polling, and thus the load on the server becomes heavy.
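The two drawbacks of the polling method described above (delivery delay bounded only by the polling interval, and data held on the server until the next poll) can be made concrete with a small simulation. This is an added example, not part of the original document; the function names, the 300-second interval, the terminal offsets and the arrival times are all assumptions constructed for illustration, with times in integer seconds.

```python
def next_poll(t, offset, interval):
    """First poll time >= t for a terminal that polls at offset + k*interval."""
    k = max(0, -(-(t - offset) // interval))  # ceiling division on integers
    return offset + k * interval


def simulate_polling(interval, offsets, arrivals):
    """Model a server that can hand data to a terminal only when it polls.

    offsets:  {terminal_id: time of that terminal's first poll}
    arrivals: [(time, terminal_id)] moments the server gets data to send
    Returns (deliveries, peak_held): deliveries is a list of
    (terminal_id, arrival, delivered_at, delay); peak_held is the largest
    number of messages the server had to hold at once.
    """
    deliveries, events = [], []
    for t, tid in arrivals:
        delivered = next_poll(t, offsets[tid], interval)
        deliveries.append((tid, t, delivered, delivered - t))
        events.append((t, +1))          # server starts holding the message
        events.append((delivered, -1))  # terminal polls and collects it
    held = peak_held = 0
    for _, delta in sorted(events):     # at equal times, -1 sorts before +1
        held += delta
        peak_held = max(peak_held, held)
    return deliveries, peak_held


# Constructed sample: three household terminals polling every 5 minutes,
# each starting at a different offset.
INTERVAL = 300
OFFSETS = {"A": 0, "B": 100, "C": 200}
ARRIVALS = [(10, "A"), (20, "B"), (30, "C"), (290, "A"), (300, "A"), (301, "B")]

if __name__ == "__main__":
    results, peak = simulate_polling(INTERVAL, OFFSETS, ARRIVALS)
    for tid, arrived, delivered, delay in results:
        print(f"terminal {tid}: queued at {arrived}s, delivered at {delivered}s "
              f"(waited {delay}s)")
    print(f"peak messages held on server: {peak}")
```

A message that arrives just after a terminal's poll waits almost a full interval, while one that arrives exactly at a poll is delivered immediately, so delay depends on timing the server cannot control.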